#!/bin/bash
#
#	Installs a local SELinux policy for farsync or fshcx25
#


if [ $(id -u) != "0" ]; then
	echo "You must be root to run this script"
	exit 1
fi

if semodule -lfull | grep farsite >/dev/null; then
	echo "There is already a farsite SELinux module"
	echo "Please use sudo semodule -X300 -r farsite to remove the module and"
	echo "backup and delete any farsite.te or farsite.pp files in this directory"
	echo "before running this script again"
	exit 1
fi

if [ -e /etc/init.d/farsync ] || [ -e /etc/init.d/fshcx25]; then
	echo "Checking audilt log"
	if ausearch -c 'insmod' --raw | egrep 'farsync|fsx25|fsflex|x25tap' > /dev/null; then
		echo "Entries for FarSite software found in SELinux audit log"
		echo "Generating local policy module"
		ausearch -c 'insmod' --raw | egrep 'farsync|fsx25|fsflex|x25tap' | audit2allow -M farsite > /dev/null
		echo "Applying local policy module"
		semodule -X 300 -i farsite.pp
	else
		echo "There are no entries found for FarSite software in SELinux audit log"
		echo "You may need to stop and start your FarSite software to generate entries in the SELinux audit log"
		exit 1
	fi
else
echo "There does not appear to be any farsite software installed"
exit 1
fi
exit 0